Welcome to SecureDrop’s documentation!

SecureDrop is an open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources.

User Guides

• Source Guide
  • Choosing the Right Location
  • Get the Tor Browser
  • Choose Who to Submit To
  • Making Your First Submission
  • Continuing the Conversation
• Journalist Guide
  • Updating Your Workstation
  • Creating a GPG Key
  • Connecting to the Journalist Interface
  • Daily Journalist Alerts About Submissions
  • Interacting With Sources
  • Moving Documents to the Secure Viewing Station
  • Decrypting on the Secure Viewing Station
  • Working with Documents
  • Encrypting and Moving Documents to the Journalist Workstation
  • Decrypting and Preparing to Publish
• Admin Guide
  • Responsibilities
  • Common Tasks
  • Frequently Asked Questions
• Passphrase Best Practices
  • General Best Practices
  • For Sources
  • For Journalists/Admins

Install SecureDrop

• Overview
  • Technical Summary
  • Infrastructure
  • Operation
• Glossary
  • Source
  • Journalist
  • Application Server
  • Monitor Server
  • Landing Page
  • Source Interface
  • Journalist Interface
  • Journalist Workstation
  • Admin Workstation
  • Secure Viewing Station
  • Submission Key
  • Two-Factor Authenticator
  • Transfer Device
• Passphrases
  • Admin
  • Journalist
• Hardware
  • Hardware Overview
  • Required Hardware
  • Optional Hardware
  • Specific Hardware Recommendations
• Before You Begin
• Create Tails USBs
  • Install Tails
  • Enable Persistent Storage
• Set Up the Secure Viewing Station
  • Ensure Filenames are Preserved
  • Correct the System Time
• Set Up the Transfer Device
  • Select DVDs or USBs
  • USB Transfer Device Configuration
• Generate the Submission Key
  • Create the Key
  • Export the Submission Public Key
• Set up the Admin Workstation
  • Start Tails with Persistence Enabled
  • Download the SecureDrop repository
  • Create the Admin Passphrase Database
• Set Up the Network Firewall
  • Before You Begin
  • Initial Configuration
  • Disable DHCP on the LAN
  • SecureDrop Configuration
  • Tips for Setting Up pfSense Firewall Rules
  • Keeping pfSense up to Date
  • Abstract Firewall Rules
• Set Up the Servers
  • Install Ubuntu
  • Test Connectivity
  • Set Up SSH Keys
• Install SecureDrop
  • Install Prerequisites
  • Localization of the Source Interface and Journalist Interface
  • Configure the Installation
  • Install SecureDrop Servers
• Configure the Admin Workstation Post-Install and Create Backups
  • Auto-connect to the Authenticated Tor Hidden Services
  • Back Up the Workstations
• Create an Admin Account on the Journalist Interface
• Test the Installation
  • Test Connectivity
  • Sanity-Check the Installation
  • Test the Web Interfaces
• Onboard Journalists
  • Determine Access Protocol for the Secure Viewing Station
  • Create a Journalist Tails USB
  • Set Up Automatic Access to the Journalist Interface
  • Add an account on the Journalist Interface
  • Verify Journalist Setup

Deployment Best Practices

• Overview
• Landing Page
  • URL and Location
  • HTTPS Only (No Mixed Content)
  • Perfect Forward Secrecy
  • SSL Certificate Recommendations
  • Do Not Use Third-Party Analytics, Tracking, or Advertising
  • Do Not Hyperlink .onion Addresses
  • Avoid Direct Links to SecureDrop.org
  • Apply Security Headers
  • Additional Apache Configuration
  • Further Security Considerations
  • Landing Page Content Suggestions
• Minimum requirements for the SecureDrop environment
• Whole Site Changes
  • Suggested
• Sample SecureDrop Privacy Policy
  • Collection of Information From Sources
  • Collection of Information About Journalists’ Use of SecureDrop
  • Data Security
  • Children Under 13
  • Changes to This Policy
  • Contact

Checklists

• Pre-Install Hardware Checklist

Topic Guides

• Promoting Your SecureDrop Instance
  • Make a High Profile Announcement
  • Provide a Clear Link on Your Homepage
  • Provide Links at the Bottom of Your Articles
  • Create an Instructional Video on How to Access and Use Your SecureDrop
  • Regularly Share Your SecureDrop Landing Page on Social Media
  • Target Potential Whistleblowers with Advertising
  • Put an Advertisement in Your Physical Paper
• What Makes SecureDrop Unique
  • No Third Parties that Can Secretly be Subpoenaed
  • Limits the Metadata Trail as Much as Possible
  • Encrypted and Air-Gapped
  • Protects Against Hackers
  • Free and Open Source Software
• Investigating Logs
  • Logs to examine on both servers
  • Application Server Logs
  • Monitor Server Logs
• OSSEC Guide
  • Setting Up OSSEC Alerts
  • Troubleshooting
  • Analyzing the Alerts
• Tails Guide
  • Installing Tails on USB Sticks
  • Configure Tails for Use with SecureDrop
• Setting Up a Printer in Tails
  • Installing and Printing via the Tails GUI
  • Troubleshooting
  • Printing from the Command Line
• HTTPS on the Source Interface
  • Obtaining an HTTPS certificate for Onion URLs
  • Activating HTTPS in SecureDrop
• SSH Over Local Network
  • Configuring SSH for Local Access
• SecureDrop On-Site Training Schedule
  • Day 1: Preparation and Install
  • Day 2: Journalist and Admin Training
• Using a YubiKey with the Journalist Interface
  • What is a YubiKey?
  • Download and Launch the YubiKey Personalization Tool
  • Setting Up Hardware-Based Codes
  • Adding Users
  • Using Your YubiKey
• Back Up, Restore, Migrate
  • Minimizing Disk Use
  • Backing Up
  • Restoring
  • Migrating
• Backing Up and Restoring Workstations
  • Backup the Workstations
  • Restoring a Workstation from a Backup
• Troubleshooting Kernel Updates
  • Boot into Single User Mode
  • Test the New Kernel
  • Compare the Behavior of the Old Kernel
  • Roll Back to the Old Kernel
  • Report Compatibility Issues
  • Test and Enable an Updated Kernel
• Getting Support
  • Community Based Support
  • Priority Support and Training

Upgrade SecureDrop

• Upgrade from 0.12.2 to 0.13.0
  • Updating the Tails Workstations
  • Backing Up the Tails Workstations
  • Getting Support
• Upgrading to Ubuntu 16.04 After April 30
  • Saving old submissions
  • Contact us
• Ubuntu 16.04 LTS (Xenial) migration - Preparatory steps
  • Preparation Procedure
  • Checking your Server Securedrop version
  • Ensuring your Admin Workstation is up-to-date
  • Backing up your instance
  • Verifying SSH access
  • Upgrading Journalist Workstations
  • Contact us
• Ubuntu 16.04 LTS (Xenial) - Upgrading in Place
  • Before you begin
  • Step 1: Upgrade the Monitor Server
  • Step 2: Upgrade the Application Server
  • Step 3: Reprovision SecureDrop
  • Step 4: Validate the Instance
  • Contact us
• Ubuntu 16.04 LTS (Xenial) - Back Up, Install, Restore
  • Before you begin
  • Step 1: Back up your instance
  • Step 2: Install Xenial
  • Step 3: Set up SSH access to the servers
  • Step 4: Install SecureDrop
  • Step 5: Restore your instance data and configuration from backup
  • Step 6: Cut over to the new instance
  • Step 7: Test the instance connectivity
  • Contact us
• Upgrade from 0.12.1 to 0.12.2
  • Updating the Tails Workstations
  • Getting Support
• Upgrade from 0.12.0 to 0.12.1
  • Updating the Tails Workstations
  • Getting Support
• Upgrade from 0.11.1 to 0.12.0
  • Updating the Tails Workstations
  • Troubleshooting Kernel Issues
  • Upgrading to Ubuntu 16.04
  • Getting Support
• Upgrade from 0.10.0 to 0.11.0
  • Updating the Tails Workstations
  • Troubleshooting Kernel Issues
  • Getting Support
• Upgrade from 0.9.1 to 0.10.0
  • Updating the Tails Workstations
  • Troubleshooting Kernel Issues
  • Getting Support
• Upgrade from 0.8.0 to 0.9.1
  • Updating the Tails Workstations
  • Database Migration May Take Time to Complete
  • New Dialogs in Tails 3.9
  • Troubleshooting Kernel Issues
  • Enabling the New Kernel After a Downgrade
  • Getting Support
• Upgrade from 0.7.0 to 0.8.0
  • Updating the Tails Workstations
  • Removal of Two-Factor Authentication for Keyboard Login
  • Troubleshooting Kernel Issues
  • Enabling the New Kernel After a Downgrade
  • Getting Support
• Upgrade from 0.6.x to 0.7.x
  • Updating the Tails Workstations
  • Configuring SSH Over the Local Network
  • Configuring Email Alerts About New Submissions
  • Configuring Server Reboot Time
  • Getting Support
• Upgrade from 0.5.x to 0.6.x
  • Updating the Tails Workstations
  • Troubleshooting Linux Kernel Issues
  • Getting Support
• Upgrade from 0.4.x to 0.5.x
  • Pull the Latest Release
  • Choose the List of Supported Languages
• Upgrade from 0.3.x to 0.4.x
  • Pull the Latest Release
  • Upgrade the Tails Persistence Configuration
  • Verify the Upgrades
• Upgrade Tails from 1.x to 2.x
  • Upgrade Each Tails Device
  • Finishing Up
  • Troubleshooting
• Upgrade Tails from 2.x to 3.x
  • Why You Should Upgrade
  • What You Need
  • 1. Prepare the Master Tails USB
  • 2. Backup the Tails Drives
  • 3. Upgrade the Tails Drives
  • 4. Upgrade KeePassX Database
  • 5. Upgrade the Secure Viewing Station
  • 6. Upgrade SecureDrop to 0.4.x
  • If You Encounter Issues

Developer Documentation

• Contributing to SecureDrop
  • Programmers
  • Writers
  • DevOps
  • Release Managers
  • Translators
  • Designers
  • Moderators and Support
• Setting Up the Development Environment
  • Prerequisites
  • Quick Start
  • Setting Up a Multi-Machine Environment
• Making a PR to SecureDrop
  • Forking and Cloning the Project
  • Make Your Changes and Push to the Fork
  • Making a Pull Request to Get Your Changes Merged in develop Branch
• Development of Securedrop-Admin in the Admin Directory
• Development of SecureDropUpdater in the journalist_gui Directory
  • Installing the Dependencies in a Virtual Environment
  • To Update the UI Design
  • Using Resources in the UI
  • Adding and Running Test Cases
• Developing the SecureDrop Client Application
  • Developer Setup
  • How to Find Help
  • Client Architecture
  • Tests
  • Contributing
• Journalist Interface API
  • Versioning
  • Content Type
  • Authentication
  • Errors
  • Endpoints
• Virtual Environments: Servers
  • Staging
  • Production
• Virtual Environments: Admin Workstation
  • macOS
  • Linux
• Upgrade Testing using Molecule
  • Upgrade testing using locally-built packages
  • Upgrade testing using apt-test.freedom.press
  • Updating the base boxes used for upgrade testing
• Contributing Guidelines
  • Signing commits
  • Branching Strategy
  • Automated Testing
  • Code Style
  • Type Hints in Python code
  • Git History
  • Privileges
  • Other Tips
• Tips & Tricks
  • Using Tor Browser with the Development Environment
  • Upgrading or Adding Python Dependencies
  • Connecting to VMs via SSH Over Tor
  • Architecture Diagrams
• Database Migrations
  • Migration Files
  • Deployment
  • Developer Workflow
• Internationalization (i18n)
  • The i18n_tool.py Translation Helpers
  • Creating New Translations
  • Updating Strings to be Translated
  • Compiling Translations
  • Verifying Translations
  • Merging Translations Back to Develop
  • Merging Develop into the Weblate Fork
  • Updating the Full Text Index
  • Release Management
  • Translator Credits
  • Translations Admins
• Getting Started with Weblate Translations
  • Who Uses SecureDrop?
  • Register for Weblate
  • Choose a Language
  • Translate a Phrase
  • Instructions About a User Navigation
  • Placeholders
  • Reviews
  • Glossary
  • Weblate Glossary
  • Getting Help
  • Frequently Asked Questions
• Documentation Guidelines
  • Testing Documentation Changes
  • Updating Screenshots
  • Integration with Read the Docs
  • Style Guide
• Testing SecureDrop
• Testing: Application Tests
  • Installation
  • Running the Application Tests
  • Updating the Application Tests
• Testing: Configuration Tests
  • Installation
  • Running the Config Tests
  • Updating the Config Tests
  • Config Test Layout
  • Config Testing Strategy
• Testing: CI
  • Running the CI Staging Environment
• SecureDrop apt Repository
• Updating OSSEC Rules
  • Alerting Strategy
  • Using ossec-logtest
  • Writing Automated Tests for OSSEC Rules
  • Deployment
• Generating AppArmor Profiles for Tor and Apache
• Portable SecureDrop Demo
  • Hardware
• Release Management
  • Pre-Release
  • Release Process
  • Post-Release
• Docker Build Maintenance
  • Get your Quay account squared away
  • Performing container updates
• Deploying SecureDrop staging instance on Qubes
  • Overview
  • Download Ubuntu Xenial server ISO
  • Create the base VM
  • Boot into installation media
  • Initial VM configuration
  • Clone VMs
  • SecureDrop Installation
  • Managing Qubes RPC for Admin API capability
  • Creating staging instance
• Targeting Xenial support
  • Running the Xenial dev env
  • Further reading

Threat Model

• Threat Model
  • Actors
  • Assumptions
  • Assets
  • Implications of SecureDrop Area Compromise
• Data Flow Diagram
• Attacks and Countermeasures on the SecureDrop Environment
  • Application Code — SecureDrop Repository/Release
  • Application Code — Source Interface and Journalist Interface
  • Application Server and Monitor Server
  • SecureDrop Dependencies — Python, Tor, Linux Kernel, apt, Tails, Ubuntu, or Hardware Firewall Vulnerabilities
  • Network Infrastructure — FPF Infrastructure or Organization Corporate Network
  • User Behavior and Hardware — SecureDrop Hardware Tampering or Failure in Operational Security